Our latest investigation…

Keys to the (SaaS) kingdom During an investigation CyberCX became aware of a campaign consisting of multiple incidents associated with the same threat actor utilising domain registration hijacking to target financial technology...

We published some cool adversary tradecraft in a blog here: cybercx.com.au/blog/keys-to... (there's also a TLP CLEAR advisory floating around).

MX hijacking is brutal - and bypasses all your enterprise controls.

The most interesting bit here is that the best Western gov cyber outfits overhauled their operational approach after the mid-10s to focus more on avoiding detection.

The era of the "factory ops" was too risky with the rise of threat intel.

Harder to reliably spot 2025's Regin, Careto, Flame, etc

Still wondering… Why does Zoom have offices? 🤔😇😎

Nothing's are nice... But not de-Googled?

Looks just fine (sent from a Pixel running Graphene)

‘Deep concern’ for domestic abuse survivors as cybercriminals expected to publish confidential refuge addresses A data extortion incident impacting the British government’s Legal Aid Agency could have serious implications for vulnerable people.

Sensitive information about women and girls who have survived domestic abuse is now expected to be exposed through a data extortion incident impacting the British government’s Legal Aid Agency, potentially revealing their locations to abusers and in some cases requiring them to move homes.

Chart showing the number of new podcasts produced returning to 2018 levels after a 2020 high

In a rare bit of good news for everyone, the number of new podcasts being created is going down. on.ft.com/4ihZp86 Presumably because everyone already has one

So the reason Norfolk Island copped a dramatically higher tariff than the rest of Australia is two shipments of Timbaland boots from the Bahamas and some aquarium supplies from the UK that had their point of origin mislabeled or misrecorded.

www.theguardian.com/australia-ne...

Yes but did you pass ?

Yes, but it's bigger than just cyber - what if your hyperscaler/public cloud vendor of choice/email and business productivity suite of choice turns you off ?

Nice talk !

Real men don’t barricade women and children. Real men don’t threaten and intimidate. Real men don’t preach hate. Real men DO show respect, compassion & love. Real men are comfortable enough in who they are to celebrate the diversity of others. Brian Tamaki you are just a boy.

Great to see our little report covered by @patrick.risky.biz and @metlstorm.risky.biz 💪

PS: We didn't make particularly clear that the whilst the VOLUME of cases skewed towards BECs / Financial crime, a more relevant metric would have been something like people-hours of effort - BECs Smol, Espionage bigly - lots of the big gnarly APT cases involve 1000s of hrs of effort...

So a good chunk of those "unknown" cases were espionage, but they fit into the "vibes based" attribution rather than any sort of rigor, and a wider set were on the fence.

Costa Rica refinery cyberattack was first deployment for new US response program, ambassador says A recent ransomware attack on RECOPE, Costa Rica's state-run energy company, was the first real-world test for FALCON, a new State Department program for foreign incident response, a top diplomat tell...

EXCLUSIVE: A potentially catastrophic ransomware attack on Costa Rica’s largest oil refinery last year was the first real-world test of the U.S. State Department’s new rapid response tool for cybersecurity incidents.

Only on @therecordmedia.bsky.social

therecord.media/state-depart...

I sincerely hope that any Americans pining for Chinese social media because American social media is so repressive and censorious, or pining for the experience of an average person in China because average Americans are so poor, beaten down, and despairing never have to experience why they're wrong.

A cross-sectional diagram of Mt. Crumpit showing a hidden entrance concealed by bricks and rubble, leading to a cave where the Grinch is depicted lying down in a simple line art style, reminiscent of the Saddam Hussein hiding place meme format. The image uses a purple-tinted background for the mountain exterior and includes white dotted circles highlighting key areas with labeled arrows pointing to "Entrance hidden by bricks and rubble" and "The Grinch."

WHOVILLE, Libya (Reuters) - The Grinch, and his loyalist bodyguard Max, broke out of the two-month siege of Mt. Crumpit. Once his convoy was hit by SANTA aircraft, the Grinch was captured and killed by pursuing Whoville units.

Bashar al-Assad, the London Ophthalmologist?

for whom the doom scrolls

CTI is the cause of my brainrot but I really cooked on this #salttyphoon #telecomhack

Maybe they're paid by the hour...?

A quick update to say that i’ll be posting all my content to Milf Messenger which is crucially not an echo chamber and is *actually* the place where free speech, spirited debate, and the marketplace of ideas thrives

Batman wearing a Santa hat. The hat has holes for the ears of his cowl to poke through.

Batman wearing two tiny Santa hats, each on the tip of one of the ears of his cowl.

If Batman was a Santa, would he wear his hat like this, or like this